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I. Real Party in Interest 

The application is assigned to Gemplus, a French Corporation. 

II. Related Appeals and Interferences 

There are no other prior or pending appeals, interferences or judicial 
proceedings which may be related to, directly affect or be directly affected by, or 
have a bearing on the Board's decision in this appeal. 

III. Status of Claims 

The application contains claims 1-7, all of which are currently pending. 
Claims 3 and 5-7 have been identified as containing allowable subject matter. 
Claims 1, 2 and 4 stand finally rejected, and form the basis for this appeal. 

IV. Status of Amendments 

An Amendment was filed subsequent to the final Office Action, on August 15, 
2005. In an Advisory Action dated August 30, 2005, the Examiner indicated that the 
Amendment will be entered for purposes of appeal. The Advisory Action also stated 
that the objections to claims 2-7, and the rejection of claim 3 under 35 U.S.C. §112, 
were withdrawn. 

V. Summary of Claimed Subject Matter 

The claimed invention is directed to a data processing system with 
applications having security rights associated therewith, such as applications for 
banking, health, mobile telephony services, etc. Although not limited thereto, the 
invention is particularly concerned with data processing systems having a limited 
amount of available memory, such as smart cards. A security register is used to 
store the rights that have been granted to an application, for example by presenting 
a secret password. As described in the background portion of the specification, in 
the prior art a separate security register was dedicated to each application. 
Consequently, in an environment having multiple applications, it was necessary to 
allocate an equal number of security registers in memory. When limited memory is 
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available, such as in a smart card, it is undesirable to consume a significant portion 
of this memory with registers. As a result, the requirement for dedicated registers 
could operate as a limit on the number of applications that are stored on the smart 
card. (Page 1, line 4, to page 2, line 21) 

To overcome this limitation, the claimed invention provides an alternative to a 
dedicated security register for each application. In accordance with the invention, a 
limited number of registers are selectively allocated among the applications, as 
needed. Referring to the example presented in the drawings, Figure 1 illustrates a 
number of directories Rep that are arranged in a five-level hierarchy. Typically, a 
directory is dedicated to a single application. To limit access to a directory, or a file 
within the directory, defined criteria, such as one or more secret codes, are 
associated with, e.g. stored within, the directory. (Page 5, lines 3-27) 

In order to access the functionality of an application, it is necessary to present 
information which proves that the person or entity requesting access has knowledge 
of a secret associated with the application. The rights associated with such 
knowledge are stored in a register, with different applications having respectively 
different associated registers. Figure 2.1 illustrates three registers R1-R3. Each 
register comprises a number of digits, or positions, which respectively correspond to 
different secrets that provide rights to the application. (Page 6, lines 7-19; page 7, 
lines 1-14) 

In accordance with the invention, the registers R1-R3 are selectively allocated 
to the directories Rep1-Rep52 on an as-needed basis. Figures 2.1 to 2.14 illustrate 
an example of the selective allocation. At Figure 2.4, a secret associated with 
directory Rep2, at hierarchy level N2, has been presented. As a result, register R1 is 
allocated to the directory at this level. In Figure 2.6, a secret associated with 
directory Rep31, at level N3, has been presented, and therefore register R2 is 
allocated to a directory at this level. In Figure 2.8, a secret associated with directory 
Rep41, at level N4, has been presented, and therefore register R3 is allocated to a 
directory at this level. At this point, therefore, all three of the available registers have 
been allocated to respective directories. 
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In Figure 2.9, directory Rep51 has been selected. When a right under this 
directory is presented, the register that was allocated the earliest, in this case 
register R1 , is de-allocated from the directory at level N2, and allocated to the new 
selected directory Rep51, as depicted in Figure 2.10. (Page 8, line 21 to page 9, line 
29) The rules for the allocation and de-allocation of the security registers are 
summarized at page 7, line 23, to page 8, line 14. 

The rule for the presentation of a secret is set forth in the specification at page 
10, line 14, to page 11, line 30. Referring to Figures 3.1a and 3.1b, a secret S3 is 
presented with respect to directory Rep41 . Such a secret exists locally within that 
directory, and therefore the register R3 is allocated to the directory. The right 
associated with secret S3 is granted by updating the register, as depicted in Figure 
3.1b. 

If a secret is presented that does not exist within the current application at a 
given level, a determination is made whether the same secret exists within a parent 
application at a higher level. Referring to Figure 3.3a, the secret S2 is presented in 
connection with the directory Rep41 . That particular secret is not stored locally in 
that directory, but it does exist in directories Rep1 , Rep2, Rep42 and Rep51 . 
Consequently since the secret S2 is associated with a parent directory of the 
designated directory Rep41, in this case Rep2, knowledge of the secret is proved 
and the security register R3 that has been allocated to the directory Rep41 is 
updated to indicate the granting of the right associated with that secret, as illustrated 
in Figure 3.3b. (Page 12, lines 19-26) 

VI. Grounds of Rejection to be Reviewed on Appeal 

The final Office Action presents three grounds of rejection that are submitted 
for review on this appeal: 

1 . Claim 1 stands rejected under the second paragraph of 35 U.S.C. 
§112, on the grounds that the term "allocatable" is considered to render the claim 
indefinite; 
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2. Claim 1 stands rejected under 35 U.S.C. §103 as being unpatentable 
over the Proust et al. patent (U.S. 6,216,014) in view of the Jennings, III patent (U.S. 
6,134,631); and 

3. Claims 2 and 4 stand rejected under 35 U.S.C. §103 as being 
unpatentable over the Proust and Jennings, III patents, in further view of the Shanton 
patent (U.S. 5,680,452). 

VII. Argument 

A. The Rejection Under 35 U.S.C. §112 

The final Office Action alleges that the word "allocatable" in claim 1, line 7, 
makes the claim indefinite. Specifically, the rejection states that it is not clear 
whether this term is an affirmative statement, "that is the method steps are being 
executed (narrow claim language) or not (broader claim language)." 1 The rejection 
suggests that the phrase "selectively allocating a number of security registers to any 
one of a plurality of said directories" be inserted as a replacement. The statement of 
rejection, and proposed change in terminology, appear to be based upon a 
misunderstanding of the claim. In particular, the reference to "method steps", and 
the suggestion to positively recite a method step, are inconsistent with the fact that 
claim 1 is a system claim, not a method claim. 

Claim 1 recites that the security registers are "selectively allocatable to any 
one of a plurality of said directories". This phrase does not constitute a method step. 
Rather, it defines a property of the security registers, i.e., that they are capable of 
being selectively allocated among the directories. This is in contrast to the prior art, 
in which a respective security register was dedicated to each application. 

In responding to Appellants 1 arguments to this effect, the Advisory Action 
states that the Examiner considered claim 1 as a system claim, and not a method 
claim. In support of this position, the Advisory Action refers to the word "means" in 
the final Office Action's statement that "neither means/method steps nor 



1 Final Office Action at page 4, lines 11-13. 
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interrelationship of means/method steps are set forth in these claims [sic] in order to 
achieve the desired results expressed in the 'allocatable...' phrase." 2 Despite this 
reference to the word "means", the explanation of the rejection set forth in the Office 
Action (quoted in the opening paragraph), does not make any reference to "means", 
or structure. It is all phrased in terms of method steps. Furthermore, the explanation 
given in the Advisory Action continues to emphasize the Examiner's analysis of the 
claim from the perspective of a method, not structure. It states "examiner considers 
'allocatable* phrase as a limitations not necessary performed [i.e., a verb], and for 
that reasons has given suggestion such as 'allocating 1 [an active verb]." 3 

Appellants are unable to determine what, precisely, is considered to be 
indefinite about the identified phrase. The recitation of "a number of security 
registers which are selectively allocatable to any one of a plurality of said directories" 
positively sets forth a property of the security registers, not the performance of a 
step. This recitation distinguishes the claimed subject matter from prior art registers 
that were dedicated to individual respective directories, and therefore not selectively 
allocatable. When the claim is read as a whole, and in light of the specification, the 
meaning of this phrase can be readily understood. It is a self-contained definition of 
a register's property, and does not require further recitation of means or method 
steps in order to comply with the definiteness requirements of the second paragraph 
of 35 U.S.C. §112. 

Furthermore, the purported "correction" that is offered in the final Office Action 
would appear to make the claim more indefinite, not less indefinite. As recently 
stated by the Court of Appeals for the Federal Circuit, a claim that recites both a 
system and the method for using that system "does not apprise a person of ordinary 
skill in the art of its scope, and ... is invalid under section 112, paragraph 2." IPXL 
Holdings, LLC v. Amazon.com, Inc., Appeal No. 05-1009, -1487, November 21, 2005 
(slip opinion at page 13). Since claim 1 recites a system, adding the suggested 
method step would run afoul of the principle underlying this holding. 



2 Final Office Action at page 4, lines 8-10. 

3 Advisory Action at section 1 1 , subparagraph 3. 
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B. The Rejection of Claim 1 Under 35 U.S.C. §103 

Claim 1 stands finally rejected under 35 U.S.C. §103 as being unpatentable 
over the Proust et al. patent in view of the Jennings, III patent. The Proust patent 
pertains to multi-application smart cards, such as SIM cards for mobile 
communication terminals, and more particularly the ability to independently manage 
the security for each application. Figure 4 of the patent illustrates a hierarchy of files 
and directories, comprising a master file MF, or root directory, a plurality of 
specialized files DF, or subdirectories, and a plurality of elementary files EF that are 
within one of the subdirectories or the root directory. These various files are 
accessible by remote applications, namely Loyalty, Payment and GSM. 

In relevant part, the final Office Action relies upon the Proust patent at column 
14, lines 6-9 and 28-47, which pertain to Figures 6 and 7 of the patent. With 
reference to Figure 6, the patent discloses that, for each TP-OA address, "namely 
each authorized remote application", the SIM card is able to access a set 61 to 63 of 
three parameters in data storage, i.e., a secret reference, an authentication mode 
and a security schema. The Office Action states that the location of the storage 
where the identifiers points to, namely 61, 62 or 63, corresponds to a security 
register that holds a message that contains a secret or rights. However, the Office 
Action goes on to acknowledge that the patent does not disclose that these 
"registers" are selectively allocatable to the directories (page 6, lines 13-17). Rather, 
Figure 6 illustrates a one-to-one relationship between the applications TP-OA1, TP- 
OA2 and TP-OAn and the "registers" 62, 61 and 63, respectively. 

Recognizing this distinction, the Office Action relies upon the Jennings patent, 
at column 3, lines 29-33. This portion of the patent describes a storage system 50 
as "a hierarchal memory system able to receive and respond to hierarchal memory 
control commands to store and retrieve files within a stored directory structure." The 
rejection states that it would have been obvious to utilize the Jennings patent's 
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disclosure of "allocation of security register or a memory location under a single 
directory" in the hierarchal file management security system of the Proust patent. 4 

There is no basis in the teachings of the Jennings patent for this statement. 
In particular, the patent does not contain any disclosure relating to security registers, 
let alone the allocation of security registers to directories. The referenced portion of 
the Jennings patent merely provides a generic disclosure that a hierarchal memory 
system can retrieve and store files in a directory structure. It does not contain any 
suggestion that security registers are somehow associated with the directories. 
More importantly, there is not teaching that a number of security registers should be 
selectively allocatable to any one of a plurality of directories in a hierarchy. 

It is not apparent from the Office Action why the Jennings patent is being 
relied upon in the rejection of claim 1. The cited portion of the Jennings patent 
appears to provide nothing more than that which is already illustrated in Figure 4 of 
the Proust patent, namely a number of files and directories that are stored in a multi- 
level hierarchal arrangement. There is no assertion in the final Office Action that the 
Jennings patent discloses, or otherwise suggests, the claimed feature which is 
acknowledged not to be disclosed in the Proust patent, namely the selective 
allocation of security registers to any one of a plurality of directories. 

MPEP § 2143 sets forth three basic criteria that must be met to establish a 
prima facie case of obviousness. The third of these criteria is that "the prior art 
reference (or references when combined) must teach or suggest all the claim 
limitations." The final rejection of claim 1 fails to meet this requirement. Specifically, 
it has not shown that either of the two references discloses "a number of security 
registers which are selectively allocatable to any one of a plurality of said 
directories," wherein the directories are organized in an in-level tree. For at least this 
reason, therefore, the final Office Action does not meet the burden of showing a 
prima facie case of obviousness. 

C. The Rejection of Claims 2 and 4 



4 Final Office Action at page 7, lines 1-3. 
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Method claims 2 and 4 stand finally rejected under 35 U.S.C. §103, as being 
unpatentable over the Proust and Jennings patents, in further view of the Shanton 
patent. In rejecting these claims, the final Office Action acknowledges that the 
Proust and Jennings patents do not disclose the dynamic allocation of security 
registers to one of a plurality of directories that are organized in a hierarchy. 5 
Therefore, the rejection relies upon the Shanton patent, and refers to its teachings 
that an object can include a directory, or collection of directories, and that its makeup 
can be changed dynamically by inheritance. 

In relevant part, the Shanton patent discloses that an object inherits the 
attributes of other objects, and the inheritance features can change dynamically 
during the operation of the objects. The fact that an object's inherited attributes can 
change dynamically has nothing to do with the allocation of security registers to 
directories. The Office Action does not identify any nexus between Shanton's 
discussion of dynamically changeable objects, and the Proust patent's disclosure of 
associating a secret reference with an application. At best, an application of the 
Shanton patent's teachings to the system of the Proust patent would be to make the 
directories themselves, i.e. the objects, capable of being dynamically changed 
through inheritance. This result does not, have anything to do with the manner in 
which security registers are allocated to those directories. In particular, it does not 
suggest that a security register can be dynamically allocated to any one of a plurality 
of directories in a hierarchy. 

The Office Action has not identified any teaching in the references that would 
lead a person of ordinary skill in the art to employ anything other than security 
registers that are dedicated to each of the directories, as known in the prior art. 



5 This explicit acknowledgement further underscores the lack of support for the rejection of 
claim 1 on the basis of these two references. 
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VIII. CONCLUSION 

The final Office Action fails to meet the requirement for a prima facie case of 
obviousness. In particular, it has not shown that all of the claimed elements are 
disclosed in, or otherwise suggested by, the references. 

Furthermore, the rejection under 35 U.S.C. §112 has not identified any 
indefiniteness in the recitation that the security registers are "selectively allocatable" 
to any one of a plurality of the directories. 

The rejections are not properly founded in the statute, and should be 
reversed. 
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CLAIMS APPENDIX 

The Appealed Claims 

1 . A system of managing security for data processing applications, 
comprising: 

directories in which the data processing applications are stored, said 
directories being organized in an n-level tree; and 

a number of security registers which are selectively allocatable to any one of a 
plurality of said directories, each security register containing all rights or secrets 
which have been granted under the directory to which it has been allocated. 

2. A method of managing security for data processing applications, 
comprising the steps of: 

dynamically allocating a security register to one of a plurality of directories that 
are organized in an n-level hierarchy; 

storing in said allocated security register rights granted under the directory to 
which said security register has been allocated, according to given rules; 

seeking secrets presented in the directory in which a data processing 
application is stored; and 

verifying knowledge of one or more rights at the level of said data processing 
application. 




Claims Appendix - 1 



4. A method according to claim 2 wherein said seeking step is performed 
according to the following rule: 

verifying that a secret presented is known in a current directory (Ni) or in a 
directory at a higher level of the hierarchy. 



Claims Appendix - 2 



